HACKING INNOVATION Josh Linkner ChangeThis | 149.01 Since the classic 1983 movie War Games, hackers have been a global fascination. They are feared, glamorized, and hated. Rarely does a day go by without headline news coverage of the wreckage left behind by malicious hackers. They hack corporations, governments, and individuals. It’s been said there are only two types of organizations: those who have been hacked and those that don’t know they’ve been hacked. Hacking is big business, and it’s taking a big toll. In 2014, the FBI received 269,422 complaints of cybercrime. The annual cost of hacking is estimated at over $100 billion in the United States, and more than $300 billion worldwide. Over 60,000 websites are hacked each day, and 47% of adult Americans had their personal information exposed within the last 12 months. MyDoom, the most expensive virus of all time, began in 2004 and has racked up an estimated cost of $38.5 billion. Cybercrime targets 556 million people each year, and 68% of funds lost to these attacks are deemed unrecoverable. No wonder the mere mention of hackers makes the hairs on the back of our necks stand up. Yet their approaches are your best model for innovation, growth, and success. I’m not endorsing cybercrime. But if you put their sinister motives aside and simply study their techniques, hacking is nothing more than an unorthodox problem solving methodology. ChangeThis | 149.01 WHAT DOES HACKING REALLY MEAN? We often define hacking as a criminal act using computer software to violate cyber-security defenses. We envision a pimple-faced young man in a hoodie, guzzling energy drinks in a dimly lit basement, perpetrating malicious deeds for illicit gain. While there certainly are individuals that fit this stereotype, hackers are a much wider and more diverse group than this unimaginative caricature. Hacking does not ascribe a specific intent, and nothing about the skillset itself is right or wrong. In fact, hacking is a tool, an approach. In the same way a knife can be used for evil (to murder) or to heal (a scalpel used to perform a life-saving surgery), hacking can be used to destroy or rebuild. While hacking can clearly be used for wrongdoing, it can also serve as a powerful model of growth, innovation, and success. YOU are a hacker. You have the ability to unlock potential and solve the most intimidating problems you face, both personally and professionally. ChangeThis | 149.01 THE 5 CORE MINDSETS Having studied all kinds of hackers—from the illicit exploits of cybercriminals to the kindhearted researchers who hack in order to eradicate disease—there are some common shared philosophies. Unlike the specific techniques we’ll cover, which are used to solve particular problems, the hacker mindsets are the foundation to innovative thinking. This set of beliefs will serve as the underpinning for your own hacking exploits, and allow you to build a hacking culture in your own organization. Hoodied criminals, lab rats, innovators, entrepreneurs, and business executives alike have embraced these five core philosophies in order to hack through their most difficult challenges: Every Barrier Can Be Penetrated | Hackers universally embrace the belief that fortresses are meant to be breached, mountains are meant to be climbed. The fact that something has never been done or that the challenge seems daunting arouses the hacker rather than deters her. In fact, the more difficult a barrier appears, the more enthused the hacker becomes to rupture it. Compasses Over Maps | This principle is based on a directional aim at a desired outcome rather than a focus on a specific route to the finish line. Hackers shun step-by-step directions and believe meaningful progress is achieved better and faster by a willingness to adapt quickly along ChangeThis | 149.01 the journey. Hundreds of course-corrections, or micro-innovations, yield a better result than pre-programming a route in advance and mindlessly following directions. A map is certainly a handy tool to help you reach your destination when the map is accurate, but what if the map is wrong? When conditions change, your GPS system no longer maximizes efficiency. Today there’s no such thing as a map to success. When teams or organizations turn off their brains and simply follow the corporate GPS, progress shrivels. Give employees the target and resources and then let them use their ingenuity and judgment to find the best route. Nothing Is Static | This is your primary weapon to fight the trend toward complacency. Hackers understand that the only constant must be our ability to learn, grow, and adapt. They understand that innovation is a continuous process, not a once-a-decade initiative. In these turbulent times, embracing this philosophy is no longer optional; it has become mission-critical to sustainable success. Quantity Is a Force Multiplier | Ones and zeroes aren’t the only numbers beloved by hackers. In fact, there’s a core belief that bigger is better in nearly every aspect of the hacking process. A bigger target means not only more loot, but also a lower probability of being detected. A large quantity of small attacks (or ideas) generally beats a single attack (or idea), even if the latter is significantly better—more input from more people with more diversity of thought. ChangeThis | 149.01 Competence Is the Only Credential That Matters | From cybercriminals to biohackers, from software startups to multinational companies that choose to embrace the unorthodox, hackers of all types have a total disregard for authority. They believe respect and power must be earned, not issued. And that a person may have the best idea one day while having the worst idea the next. Merit is the only arbiter. INTRO TO THE 10 TACTICS With the primary objective of driving innovation and growth, we’ll explore the 10 primary tactics of hackers. The same techniques used by villains can be extracted and applied for legitimate purposes. The 10 tactics: 1. Brute Force 6. Deconstruct 2. Social Engineering 7. Agile Bursts 3. Crowdsourcing 8. The Reverse 4. The Exploit 9. The Mashup 5. Borrowing 10. Working Backward ChangeThis | 149.01 BRUTE FORCE The Hack | For computer hackers, Brute Force is a method of trial and error, quickly and inel- egantly trying multiple options to crack encryption or passwords. Using this technique, hackers overwhelm a target with a relentless barrage of attacks in order to destroy the barrier protecting what they desire. A common use of this technique is the Denial of Service (DoS) attack, when hackers flood a system with so much activity that the system is overwhelmed and crashes. Legit Flip | Brute Force is also built upon the Nothing Is Static mindset—the best Brute Force executions involve lots of iteration and continuous learning. The two most common uses of this tactic by Innovation Hackers are Rapid Experimentation and Pivots. Too often, we believe we must dream up a transformative innovation and then bet the company on its success. Innovation Hackers take a more effective and less risky approach: instead of thinking of innovation as a single gigantic effort, the best leaders are constantly running experiments. Continuous Rapid Experimentation can apply to all aspects of our business lives—from product, to process, to leadership. Test how a new cold-call script measures up against the status quo in a quick, three-day experiment in one market. If the data is encouraging, expand the test. If not, ChangeThis | 149.01 discard the idea and try something else. Running a high volume of controlled experiments is your best chance at driving growth while mitigating risk. Hack in Action | Pivots often happen when a company discovers an opportunity to totally shift their business in a new direction. For example, Pixar went from creating animation tools to its own animated films; Instagram went from a check-in app to a photo-sharing platform. Your Pivots don’t have to be as dramatic. When looking to spur innovation, don’t ignore oppor- tunities for micro-Pivots. Innovation Hackers use a Brute Force approach, turning the barrage of attacks inward on their products, processes, and services in hunt of a better solution. I’m not endorsing cybercrime. But if you put their sinister motives aside and simply study their techniques, hacking is “nothing more than an unorthodox problem solving methodology. ChangeThis | 149.01 SOCIAL ENGINEERING The Hack | According to Kevin Mitnick, one of the most notorious hackers to use this method, Social Engineering is “using deception, manipulation and influence to convince a human who has access to a computer system to do something, like click on an attachment in an e-mail.” In other words, using innovative approaches to enlist others to behave in a way that benefits the initiator. A well-known example of this tactic is phishing—calls and emails that trick the recipient into volunteering personal information like passwords or bank account information. Legit Flip | Instead of hoaxing someone to perform a task that they’ll later regret, the legit version has a happy ending. Positive Social Engineering must have three factors: a) truthful, and nothing misleading; b) a structure that is transparent rather than manipulative; and c) most importantly, the end result should be a win-win. Rather than gaining at someone else’s expense, a positive outcome for all parties is the desired end-state. The challenge involves gaining leverage by recruiting others to help your cause. For business purposes, we can group those you’re seeking to influence into two categories: internal (team members, employees, bosses, boards, investors, etc.) and external (customers, the media, competitors, governmental agencies, prospects, voters, potential employees, etc.).